CyberWar: 32 million Twitter passwords may have been hacked and leaked

Two Chinese army colonels in 1999 published a book on military strategy called ‘Unrestricted Warfare’, the primary concern is how a nation such as China can defeat a technological superior opponent such as the United States through a variety of means.

It has been a tense week for some of the giant in the world of Information Technology such as Facebook CEO Mark Zuckerberg whose Twitter, LinkedIn and Pinterest was hacked and now another one of his fellow mate and co-founder and former CEO Evan Williams had his Twitter account hacked. According to a news report from Dailysignal.com titled Why ISIS has Threatened the CEOs of Facebook and Twitter, the Islamic State(ISIS) released a propaganda video which threatened the Facebook founder and Twitter founder.

To rule out such a possibility by a group who have gained world wide attention would be naive. Other elements which have the capability to conduct such exercises are black hat hackers, who “violates computer security for little reason beyond maliciousness or for personal gain.” The group which claimed responsibility for Williams’ Twitter account is by the name of OurMine for the hack in a now-deleted tweet: “Hey, it’s OurMine Team, we are just testing your security, please send us a message” and provided its email.

OurMine is the same group that took credit for hacking Zuckerberg’s accounts.

The worrisome factor is that hackers may have infiltrated and used malware to collect more than 32 million Twitter login credentials that are now being sold on the dark web.

Twitter has made it clear from its spokesperson that its systems have not been penetrated. “We are confident that these usernames and credentials were not obtained by a Twitter data breach – our systems have not been breached. In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks.” said the Twitter spokesperson

LeakedSource, a site with a search engine of leaked login credentials, said in a blog post that it received a copy of the user information from “Tessa88@exploit.im,” the same alias used by the person who gave it hacked data from Russian social network VK last week. LeakedSource says the cache of Twitter data contains 32,888,300 records, including email addresses, usernames, and passwords. LeakedSource has added the information to its search engine, which is paid but lets people remove leaked information for free.

Based on information in the data (including the fact that many of the passwords are displayed in plaintext), LeakedSource believes that the user credentials were collected by malware infecting browsers like Firefox or Chrome rather than stolen directly from Twitter. Many of the affected users appear to be in Russia—six of the top 10 email domains represented in the database are Russian, including mail.ru and yandex.ru.